#RSAC: How Machine Learning Can Bolster Email Threat Detection

At RSA Conference 2019 Dena Bauckman, VP product management, Zix, explored email attack threat evolutions and how machine learning can be used to better detect email-based attacks.

“Today, attackers are getting more targeted, and they’re not sending out bulk campaigns anymore,” she said. Email attack campaigns are becoming more intricate and “we need a better way of identifying those threats when they are constantly changing. That’s where we started to see that machine learning can really help us in that area.”

Bauckman defined machine learning as “the ability to teach a machine to do something that humans do naturally, and that is learn from experience.”

She added that there are two different types of machine learning techniques used in threat detection: supervised and unsupervised machine learning.

With supervised machine learning, you feed the system with a large sample of email threats so it can analyze attributes of email threats. Then, the system builds a model to predict future email threats. Email traffic is fed through the system and the model assigns a probability that an email is a threat, and then rules can be defined to handle potential threat scenarios. READ MORE ON: INFO SECURITY GROUP